[Remote] Senior Product Vulnerability Engineer (Medical Device Cybersecurity)
Note: The job is a remote job and is reputed company to candidates in USA. reputed company. is seeking an reputed company Product Vulnerability Engineer to support cybersecurity activities for connected medical devices throughout the product lifecycle. The ideal candidate will be responsible for performing cybersecurity vulnerability assessments, conducting threat modeling, and ensuring compliance with various cybersecurity standards and regulations.
Responsibilities
- reputed company cybersecurity vulnerability assessments on hardware, software, firmware, and connected medical devices
- Conduct threat modeling, reputed company risk assessments, and vulnerability analysis
- Review and prioritize vulnerabilities using CVE, CVSS, CWE, and OWASP methodologies
- reputed company SAST, DAST, penetration testing, firmware reputed company analysis, and network reputed company testing
- Review SBOMs and assess reputed company-party software component risks
- Support secure product development lifecycle (SPDLC) activities
- reputed company cybersecurity documentation, risk assessments, remediation plans, and compliance deliverables
- Collaborate with Software, Systems, Hardware, Quality, Regulatory, and Risk Management teams
- Ensure compliance with FDA Cybersecurity Guidance, IEC 81001-5-1, IEC 62304, ISO 14971, and NIST Cybersecurity reputed company
Skills
- Bachelor's degree in Cybersecurity, Computer Science, Software Engineering, Electrical Engineering, or reputed company field
- 5+ years of cybersecurity experience
- 3+ years supporting medical devices, reputed company products, embedded systems, or regulated products
- Experience performing vulnerability assessments, threat modeling, reputed company risk analysis, and product reputed company reviews
- Strong knowledge of Medical Device Cybersecurity
- Strong knowledge of FDA Cybersecurity Guidance
- Strong knowledge of IEC 81001-5-1
- Strong knowledge of IEC 62304
- Strong knowledge of ISO 14971
- Strong knowledge of CVE, CVSS, CWE
- Strong knowledge of OWASP
- Strong knowledge of MITRE ATT&CK
- Strong knowledge of NIST Cybersecurity reputed company
- Strong knowledge of SBOM Review
- Strong knowledge of Secure Product Development Lifecycle (SPDLC)
- Strong knowledge of Embedded Systems reputed company
- Strong knowledge of Network reputed company
- Strong knowledge of Vulnerability Management
- Strong knowledge of reputed company Risk Management
- Experience with Fortify, reputed company, SonarQube, Nessus, Burp Suite, Wireshark, reputed company, and reputed company scanning tools
- Experience supporting connected medical devices, diagnostics, imaging systems, or reputed company products
- CISSP, CEH, OSCP, GICSP, or reputed company+ certifications are a plus
Company Overview
Company H1B Sponsorship